Technical reports
Secure sessions from weak secrets
Michael Roe, Bruce Christianson, David Wheeler
July 1998, 12 pages
DOI: 10.48456/tr-445
Abstract
Sometimes two parties who share a weak secret k (such as a password) wish to share a strong secret s (such as a session key) without revealing information about k to a (possibly active) attacker. We assume that both parties can generate strong random numbers and forget secrets, and present three protocols for secure strong secret sharing, based on RSA, Diffie-Hellman and El-Gamal. As well as being simpler and quicker than their predecessors, our protocols also have slightly stronger security properties: in particular, they make no cryptographic use of s and so impose no subtle restrictions upon the use which is made of s by other protocols.
Full text
PDF (1.0 MB)
BibTeX record
@TechReport{UCAM-CL-TR-445, author = {Roe, Michael and Christianson, Bruce and Wheeler, David}, title = {{Secure sessions from weak secrets}}, year = 1998, month = jul, url = {https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-445.pdf}, institution = {University of Cambridge, Computer Laboratory}, doi = {10.48456/tr-445}, number = {UCAM-CL-TR-445} }